Security and HIPER APARs fixed in DB2 for Linux, UNIX, and Windows Version 9.1 Fix Pack 6a
Flash (Alert)
Abstract Fix Pack 6a for DB2 V9.1 is now available which includes fixes for some serious vulnerabilities. These fixes, where applicable, are also available in Fixpak 3 for DB2 Version 9.5, Fix Pack 6 for DB2 Version 9.1, and FixPak 17 for DB2 Universal Database™ (DB2 UDB) Version 8.1 (also known as FixPak 10 for DB2 UDB Version 8.2), IBM® recommends that you review the vulnerability descriptions and deploy one of the above fix packs to remove the vulnerabilities on your affected DB2 installations.
Content A set of security vulnerabilities was discovered in some DB2 database products by security research firms. These vulnerabilities were analyzed by the DB2 development organization and a set of corresponding fixes was created to address the reported issues. IBM and the security firms cooperated to allow time for the DB2 development organization to address these vulnerabilities before they were made public. IBM is not currently aware of any externally reported incidents where production DB2 installations have been compromised due to these vulnerabilities. The affected DB2 UDB for Linux, UNIX, and Windows Version 8.1 and 8.2, Version 9.1 and Version 9.5 products are: DB2 Enterprise Server Edition DB2 Workgroup Server (all Editions) DB2 Express Server (all Editions) DB2 Personal Edition DB2 Connect Server (all Editions)
DB2 Client component and DB2 products or components other than those listed above are not affected.
Due to the complexity of the fixes required to eliminate the reported service vulnerabilities, it is not feasible to retrofit the same fixes into earlier DB2 UDB Version 8 and DB2 Version 9 fix packs, including all of the special builds of the above DB2 database products that precede DB2 UDB Version 8.1 FixPak 17, DB2 Version 9.1 Fix Pack 6 and DB2 Version 9.5 Fix Pack 3.
The specifics of the Security APARs incorporated into the above DB2 fix packs can be found in the following table:
Security APARs
V9.1 FP6a V9.5 FP3a ABSTRACT
IZ36534 IZ37697 SECURITY: MALICIOUS CONNECT DATA STREAM CAN CAUSE DENIAL OF SERVICE.
IZ39373 IZ39653 SECURITY: MALICOUS DATA STREAM CAN CAUSE THE DB2 SERVER TO TRAP.
In addition to the Security APARs, here is a list of HIPER APARs included in these fix packs of which you should be aware.
HIPER APARs
V8 FP17 V9.1 FP6a V9.5 FP3a ABSTRACT
LI73864 UNEXPECTED RESULTS WHEN SELECTING FROM A VIEW WITH OUTER JOIN AFTER UPGRADE TO FP17
IZ38956 IZ38961 POSSIBLE INCORRECT RESULTS WHEN REWRITING NOT EXISTS SUBQUERY IZ37640 IZ37641 QUERY HAVING A JOIN OVER A RANGE PARTITION TABLE MAY GET INCORRECT RESULT.
DB2 users can receive important service information by registering for the My Support program. "My Support" enables you to receive e-mails containing support Flashes as they are issued. To register, visit the DB2 for Linux, UNIX and Windows Technical Support Web site (http://www.ibm.com/software/data/db2/support/db2_9/) and follow the link in the section titled "Personalized support".
The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered security vulnerabilities along with information that helps our customers to decide on an appropriate course of action. The DB2 team regrets the inconvenience that this issue is causing to you, our customers. We believe that our actions are the most prudent steps to address your concerns and remain open to suggestions on how to further improve our processes.
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
27.04.2018 Kerio Introduces New Kerio WinRoute Firewall 6.6 SAN JOSE, Calif., — March 31, 2009 — Kerio Technologies, Inc., a leading innovator in Internet security and messaging, today announced a new version of Kerio WinRoute Firewall, a Windows-based Unified Threat Management (UTM) gateway security solution. This version premieres a cross-platform Kerio VPN Client for Windows, Mac OS X, and Linux, addressing a growing need to provide secure VPN connectivity to the mobile workforce with diverse OS platforms.06.08.2018 Outpost Security Suite получает награду VB100% на платформе XP, SP 3 Мы рады сообщить вам, что Outpost Security Suite Pro (вер. 6.0.2296.253.0490) успешно прошел очередное тестирование антивирусов, проведенное британским журналом Virus Bulletin. Тестирование 35 персональных антивирусов и комплексов защиты для Windows XP, Service Pack 3 проводилось в рамках всестороннего анализа средств антивирусной защиты и показало стопроцентную эффективность OSS в борьбе с «дикими» (WildList) вирусами и отсутствие [...]16.08.2018 Outpost Security Suite получает награду VB100% на платформе XP, SP 3 В блоге компании Agnitum сегодня было сообщено о том, что Outpost Security Suite Pro (вер. 6.0.2296.253.0490) успешно прошел тестирование антивирусов, проведенное британским журналом Virus Bulletin. Тестирование 35 персональных антивирусов и комплексов защиты для Windows XP, Service Pack 3 проводилось в рамках всестороннего анализа средств антивирусной защиты и показало стопроцентную эффективность OSS в борьбе с «дикими» (WildList) вирусами и отсутствие ложных срабатываний в работе Outpost.26.06.2018 Сетевое хранилище QNAP TVS-471U Turbo vNAS, рассчитанное на четыре накопителя, поддерживает технологию виртуализации QvPC Ассортимент компании QNAP Systems пополнился сетевым хранилищем TVS-471U и его разновидностью TVS-471U-RP, отличающейся наличием резервного блока питания. Новинка, рассчитанная на стоечный монтаж, предназначена для предприятий малого и среднего размера. К ее особенностям относится поддержка фирменных технологий виртуализации (QvPC) и поиска (Qsirch). В зависимости от модификации, в хранилище используется процессор Intel Pentium G3250 или Intel Core i3-4150. Объем оперативной памяти DDR3 во всех случаях равен 4 ГБ. Пропускную способность хранилищ производитель оценивает в 1500 МБ/с, а произво...19.08.2018 Outpost Security Suite Pro получает VB100 за работу на Windows Vista Антивирусный комплекс Outpost Security Suite Pro получает очередную награду VB100 в тестировании на платформе Windows Vista Business Edition Service Pack 2.
В отчете Virus Bulletin отмечено: «Мы уже давно являемся поклонниками простого стиля интерфейса <Outpost>, который и в новой версии не утратил своей лаконичности. Несмотря на то, что в продукте много компонентов контроля, работать с ними [...]19.10.2018 Kaspersky Lab's Corporate Endpoint Security Products Earn VB100 Award Kaspersky Lab announces that the beta version of Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition and the established Kaspersky Anti-Virus 6.0 for Windows Servers have both received VB100 awards following testing on a Microsoft Windows 2003 Server R2 platform04.06.2018 Kerio Executive to Lead Mobile Email Session at Microsoft Tech-Ed North America 2008 IT Professionals Conference SAN JOSE, CA--(Marketwire - June 4, 2008) - Kerio Technologies, Inc., a provider of award-winning internet security and messaging software, today announced it will lead a Birds-of-a-Feather session at Tech-Ed North America 2008 IT Professionals Conference. Attendees will learn how to have a collaboration-centric enterprise infrastructure that has the freedom to choose virtually any email and calendar application and be able to synchronize data throughout the organization.
WHAT: Birds-of-a-Feather (BOF) Session titled, "Extending the Desktop to Mobile Devices Anytime, Anywhere"
WHO: Chris Pel...08.10.2018 Новая линейка продуктов Outpost Pro 9.2 с поддержкой Windows 10 Линейка продуктов Outpost Pro обновилась до версии 9.2 (4859.708.2041) и доступна для скачивания на сайте Agnitum. Полный список изменений находится здесь: Outpost Security Suite Pro Outpost Firewall Pro Outpost Antivirus Pro29.01.2018 Kaspersky Lab Awarded Full Marks from AV-TEST for Small Business Endpoint Protection on Windows 10 Kaspersky Lab has topped the list of endpoint protection products in the most recent review with independent IT security institute AV-TEST, receiving full marks for its Kaspersky Small Office Security product.09.03.2018 Kaspersky Lab Protection Goes Wearable: New Kaspersky Internet Security for Android Managed via Smartwatch Kaspersky Lab unveils a new version of Kaspersky Internet Security for Android that, in addition to offering improved performance speed and protection quality, includes an option for managing protection via Android Wear devices.
Нет комментариев. Почему бы Вам не оставить свой?
Вы не можете отправить комментарий анонимно, пожалуйста зарегистрируйтесь.
